Skip to content

feat: add PowerShell support, non-interactive mode, account mapping, and default profile options #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
frank-bee wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat: add PowerShell support, non-interactive mode, account mapping, and default profile options #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f9767a7
feat: sync updates from development repo
frank-bee Dec 1, 2025
d54c567
docs: add quick start one-liner installation examples
frank-bee Dec 1, 2025
607efe6
docs: fix one-liner syntax and improve examples
frank-bee Dec 1, 2025
0e67162
fix: replace exit with return to prevent session close in scriptblock…
frank-bee Dec 1, 2025
8753b2a
docs: use generic role names in examples
frank-bee Dec 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion LICENSE
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
Copyright 2025 Amazon.com, Inc. or its affiliates. and Frank Bernhardt. All Rights Reserved.

Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
Expand Down
79 changes: 74 additions & 5 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,53 @@ command before you can use any AWS SSO profile. However, once you have logged
in once, you will be able to use any of the created profiles until your
authorization token expires.

### Quick Start (One-Liner)

Run the tool directly without downloading:

**Bash (macOS/Linux):**
```bash
bash <(curl -fsSL https://raw.githubusercontent.com/frank-bee/aws-sso-profile-tool/main/awsssoprofiletool.sh) <region> <start_url>
```

Example:
```bash
bash <(curl -fsSL https://raw.githubusercontent.com/frank-bee/aws-sso-profile-tool/main/awsssoprofiletool.sh) \
us-east-1 "https://mycompany.awsapps.com/start"
```

With options (non-interactive + default profile + account mappings):
```bash
bash <(curl -fsSL https://raw.githubusercontent.com/frank-bee/aws-sso-profile-tool/main/awsssoprofiletool.sh) \
-y \
--map "Production:Prod" \
--map "Development:Dev" \
--default "DevAdminAccess" \
us-east-1 "https://mycompany.awsapps.com/start"
```

**PowerShell (Windows):**
```powershell
& ([scriptblock]::Create((irm https://raw.githubusercontent.com/frank-bee/aws-sso-profile-tool/main/awsssoprofiletool.ps1))) -Region <region> -StartUrl <start_url>
```

Example:
```powershell
& ([scriptblock]::Create((irm https://raw.githubusercontent.com/frank-bee/aws-sso-profile-tool/main/awsssoprofiletool.ps1))) `
-Region us-east-1 `
-StartUrl "https://mycompany.awsapps.com/start"
```

With options (non-interactive + default profile + account mappings):
```powershell
& ([scriptblock]::Create((irm https://raw.githubusercontent.com/frank-bee/aws-sso-profile-tool/main/awsssoprofiletool.ps1))) `
-Region us-east-1 `
-StartUrl "https://mycompany.awsapps.com/start" `
-NoPrompt `
-Map "Production:Prod","Development:Dev" `
-Default "DevAdminAccess"
```

### Installation

To install the tool, follow these steps:
Expand All @@ -39,17 +86,39 @@ the following methods:
To run the script, do one of the following:

* If the script is executable, run it with `./awsssoprofiletool.sh
<region> <start_url> [<profile_file>]`
[-y] [--map "FROM:TO" ...] [--default <profile>] <region> <start_url> [<profile_file>]`
* If the script is not executable, run it with `bash awsssoprofiletool.sh
<region> <start_url> [<profile_file>]`
[-y] [--map "FROM:TO" ...] [--default <profile>] <region> <start_url> [<profile_file>]`

The arguments are as follows:

* &lt;region&gt; - the region where AWS SSO is running
* &lt;start_url&gt; - the start URL from the AWS SSO page
* &lt;profile_file&gt; - where the profiles will be created; defaults to
* `-y` - (optional) non-interactive mode; overwrites config and creates all profiles without prompts
* `--map "FROM:TO"` - (optional) map account name FROM to TO in profile names; can be specified multiple times
* `--default <profile>` - (optional) create a `[default]` profile that mirrors the specified profile name
* `<region>` - the region where AWS SSO is running
* `<start_url>` - the start URL from the AWS SSO page
* `<profile_file>` - where the profiles will be created; defaults to
~/.aws/config

**Example with account name mappings:**
```bash
./awsssoprofiletool.sh -y \
--map "Production:Prod" \
--map "Development:Dev" \
us-east-1 https://example.awsapps.com/start
```

This would create profiles like `ProdAdminAccess` instead of `ProductionAdminAccess`.

**Example with default profile:**
```bash
./awsssoprofiletool.sh -y \
--default "DevAdminAccess" \
us-east-1 https://example.awsapps.com/start
```

This creates all profiles plus a `[default]` section that mirrors `DevAdminAccess`, so AWS CLI commands work without specifying `--profile`.

## Security

See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.
Expand Down
Loading